[one-users] ip spoofing
Stefan Kooman
stefan at bit.nl
Tue Apr 29 13:13:02 PDT 2014
Quoting Maxim Terletskiy (terletskiy at emu.ru):
> Thanks for answer.
>
> We're giving white ips from several networks, dhcp not very well fit
> our needs. So using context for network settings setup.
>
> Now we're looking for solution which prevent vm A with ip X from use
> of ip Y which belongs to vm B. X and Y are ips from one network in
> one vlan.
Are you using openvswitch? In that case you already have "mac spoofing"
and "IP Hijacking" prevention [1]. OpenFlow rules are used to set that
up. Note that it only works for IPv4 addresses. IPv6 is not covered yet.
Gr. Stefan
[1]:
http://docs.opennebula.org/4.6/administration/networking/openvswitch.html
--
| BIT BV http://www.bit.nl/ Kamer van Koophandel 09090351
| GPG: 0xD14839C6 +31 318 648 688 / info at bit.nl
More information about the Users
mailing list